Nov 20, 2014

For all those lamenting the current wave of online attacks, I have bad news for you – the worst is still to come.

From the White House to Target to the U.S. State Department to Home Depot to the USPS and countless other organizations, it seems there’s not a single large outfit that’s not suffered a devastating online attack and theft of credit card information and personal data of millions.

Ask not which large organization has been hacked, instead ask who’s not.

It’s not just businesses that are vulnerable to online attacks. Countless people fall victim daily to diverse forms of malware attacks on their desktop and laptop computers.

A couple of years back, a Google Search Results Hijack malware destroyed one of my Windows PCs.

Ransomware demands to unlock computers have escalated in recent months.

The world is full of nutcases determined to make life miserable for others.

And there’s nothing we can do about it considering there are far too many cyber-attack vectors (active attacks, passive attacks like search engine results and drive-by attacks when you visit an innocent-looking web site etc).

The fundamental weaknesses of the Internet architecture and the availability of countless IP addresses make it impossible to control the wave of attacks. You can sit in a Kiev or New Delhi basement and mount an anonymous attack on a NYC bank with impunity, a feat unimaginable in the physical world.

Even if you block 20, 200 or 2,000 IP addresses via hardware firewalls or iptables, hackers still have access to tens of thousands of other IPs from which to crash your web site, attack the server or plant malware in the network.

Each time you block an IP, CIDR or even an entire nation from accessing your network, the cyber-terrorist has no worries. None at all. Because he still has recourse to thousands of other IPs from which to reload and relaunch his attack on your point-of-sale system, server, web site or network.

But the current wave of attacks is just the harbinger of worse things to come over the next decade, more so with the inroads that information technology has made into all walks of life (hospitals, electric grids, transportation hubs, schools, air-traffic control, electronic voting etc).

Mark my words!

You’ll look back nostalgically to the present times as the halcyon days of the Internet.

Knowledge Economy —> Cyber Attacks

Until fairly recently, the knowledge economy was the exclusive preserve of U.S., Canada, UK, Germany, France, Japan, South Korea, Russia, Australia, New Zealand and a handful of other countries.

A knowledge economy is not merely one that has a high degree of literacy but one where a wide swathe of people leverage computers and information technology as powerful tools to forge ahead in education, entertainment, business, espionage and war.

By putting knowledge on steroids, information technology has created the knowledge economy.

Thanks to U.S. government funding of research labs (1945-75) and the entrepreneurial itch of Silicon Valley pioneers (1968-2014), the knowledge economy first flowered in the U.S., then moved east to Europe and has now reached the shores of a few Third World nations.

For a variety of reasons (falling prices of computers, low-cost school/university education, economic growth etc), the knowledge economy is now starting to establish roots in ambitious nations like China, India, Brazil and Turkey, all with large populations.

Expansion of the knowledge economy to new nations has been accompanied by a massive surge in adoption of open source software like Linux in these nations. I suspect Kali Linux and Ubuntu have more users in China, Russia, India, Ukraine and Turkey than in the rest of the world combined.

As the knowledge economy reaches new geographical frontiers, expect the law of unintended consequences to come into play.

I predict there will be a tremendous surge in cyber attacks on all organizations (small, medium and large) for seven reasons:

* Expansion of the knowledge economy to new nations (like China, India, Iran, Brazil, Turkey etc) providing citizens access to basic infrastructure

* Growth of the open source software movement and easy availability of scores of free tools for port scanning, vulnerability scanning and exploiting servers and networks

* Increasing gap between people entering the knowledge economy and the economic opportunities for them

* Establishment of offensive cyber-attack military agencies by emerging knowledge economies like China, Turkey and India

* Growth in cyber-attack capabilities of established knowledge economies like UK, U.S., France and Australia

* Rising political tensions over trade, oil, military expansionism, religion and borders

* Expansion of various Mafias into the online arena

For less than $100, a teenager in Kiev, Noida or Ankara can get a computer on which he can install Kali Linux, Caine, Ubuntu, CentOS or any other distro. The beauty of Linux is that even 10-year-old computers run well on it. If something goes wrong, just format the hard-drive and reinstall the software for free.

Metasploit, Golismero, Zenmap, OllyDbg, Searchsploit, Dictstat, Armitage and dozens of free tools let any nut in any corner of the globe port scan a network or server, identify vulnerabilities and mount vicious, relentless attacks from a safe distance of 10,000 miles.

And you don’t need a doctorate in computer science to deploy these powerful tools. Just a basic familiarity with Linux and the command line is all that’s required.

Based on experience with my server, the majority of attacks come from IP addresses traced to emerging knowledge economies like China, Russia, India, Ukraine, Brazil, Turkey, Latvia, Lithuania, Estonia and increasingly these days from Nepal.

And in these countries that are transitioning to knowledge economies (with improving literacy rates, growing economy and easy access to cheap computers and Internet), the ability of governments to provide good jobs is growing at a slower pace.

In short, more people are being brought into the knowledge economy at a rate faster than the ability of these nations to absorb all of them into the economies with stable, decent jobs.

So in emerging knowledge economies we’ll have a huge population in the age group 15-34. Some of these youngsters will be sensible, stable and well employed. But a lot of them will be unemployed and unstable.

In the face of inadequate job opportunities, rising income inequalities and dysfunctional and corrupt political systems, a lot of idle youngsters will become alienated, unstable and tend to look for adrenalin rushes and money in online crimes (facilitated by free tools and low-cost Linux computers, and the low likelihood of arrests).

This hiatus or gap between the number of people entering the knowledge economy and their ability to find good jobs will leave a massive disgruntled populace with powerful weapons and turn them into cyber-mercenaries for hire. That has already happened to some degree in Eastern Europe where you can rent a cyber-mercenary from Ukraine or Estonia for less than $200 and it’s started in Mumbai where some angry movie stars and directors have hired local hackers to go after bloggers.

These destructive cyber-mercenaries are growing into loosely connected, frontier-less criminal armies.

Besides being a lucrative tool for criminals, cyber-attacks may also be considered in one sense weapons of the weak, disenfranchised and poor in emerging knowledge economies.

Organizational Attacks

Established knowledge economies have already set up strong cyber attack organizations whose mandate is to plant spyware, conduct online surveillance and mount attacks against other nations.

Powerful knowledge economies already have outfits like GCHQ and NSA while emerging knowledge economies like China and India too have set up similar secretive cyber-agencies closely connected to their offensive military infrastructure.

Legislative efforts to rein in cyber military agencies with strong corporate ties have so far had limited to zero chance of success.

By my estimate, there are at least 250,000 people working in cyber-military government agencies around the world daily hacking the computer networks of both friends and foes.

Plus, if you take into account reports of Mafia style criminal outfits in Mexico, Ukraine and Russia extending their operations to the Internet arena you can expect a huge tsunami of online attacks in the coming years.

Handling Cyber Attacks

Can anything be done to stop the coming cyber-attack tsunami?

Not much other than building strong cyber-ramparts and moats to manage (but not completely stop) the coming tsunami of attacks.

Perhaps, permanent IP addresses should be allotted to individuals and businesses like Social Security Numbers or Tax ID numbers. This would make it easier to track attacks from individuals or small businesses.

But attacks from medium and large organizations are hard to counter. Sooner or later, a cyber-defense organization turns into a cyber-offense agency.

You can’t go after every malicious hacker in Kiev, Ankara, Buffalo or Mumbai or tame powerful state-sponsored cyber-military agencies in China, Russia, U.S., UK, Turkey or India.

Like most beautiful things touched by humans, the Internet too will be badly tarred.

Just think of the present times as the better days of the Internet.
